Overview

overview

10

Static

static

4

JaffaCakes...f.html

windows7-x64

10

JaffaCakes...f.html

windows10-2004-x64

3

Analysis

  • max time kernel
    141s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    23-01-2025 08:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    JaffaCakes118_15626221c16a54239c9d4361cb24a6ef.html

  • Size

    163KB

  • MD5

    15626221c16a54239c9d4361cb24a6ef

  • SHA1

    456b881af851740ec46d4a651a8ec89f75b3c2bc

  • SHA256

    afab24839515a0bb0968a6622fde43a09bbc77b29387f431e26da2726e465010

  • SHA512

    ab150c274efa8078f93bc7dcf6c9d9843170be726711821f4246e57d477f3175a5f06a967b3b192d136688620e37a243ac2765cd0f62449edf08fbe076592638

  • SSDEEP

    768:2Jk1ATx+Bw24Tp7VD6UBOQinhWcVI0Hoy57EUJ3uCmWDrODQPydd7rxq0pa7XE6x:2nHD6UBOGcVvo1UJdcFpa7XHcDO0tiMA

Score
10/10
socgholishdiscoverydownloader

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

    downloadersocgholish
  • Socgholish family
    socgholish
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_15626221c16a54239c9d4361cb24a6ef.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2396
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2396 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2552

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    9e88177a7d61e9557357a158267db0a0

    SHA1

    29494df5b4a5fb0c2be8b53ba37c7e623508ed10

    SHA256

    2026934e2d257861c0fcd90deb78217ff212265e8e422283f18b0e3169bf2495

    SHA512

    246e8f6bc92cd4ee1d3dee5d9922a42c775aaafe9ddcac3b7d959746c7387bf9eef9cce8824d61a3974f873c1c9537d51cb265dca142f534e8cb07289434c6a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b37c38098a5f48327d8a1f2e56d7586b

    SHA1

    5d8de7669f496a8a65e05ae6c588425119552175

    SHA256

    5898ba9d339b910e69d9dbb7ff43dcae0de6dc7c1ae9740a28fc9a70ec1c0314

    SHA512

    b9e7d09d696e123be98b3a4975b28ec8f8ec2b43bc87e93a19ea5cbc1e8f813119c2e63ea68078355d23e8851315ece30dcd0999948518b34826bde3e99b5657

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9fa9f6e874659c176e376c55e344e747

    SHA1

    81b06fbc73e8d72dc605302f19bd9f6d44102222

    SHA256

    793d36ce494761d817420b559ff6e34dc5f594c43af75b94af9ee2ab71c5d15d

    SHA512

    f580976ea9fb08dae46ff6e39ee0ede893ac581835fe851823af59d72243daded17ddc3a2687156ed6a2dc49ea0753258de4fcc6534fd06b508c3e5daa748624

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    00ea9258b33e2aabd96980d80b89324c

    SHA1

    b04f9ae4107673339d7eacdcc7cffbad647e3176

    SHA256

    966acbedbef974ddc623636e1a65547dd7d0a3a65e77ad07682ec5f372bf65ef

    SHA512

    16c7a22e87dc94f596d37c5c7a9cb978cb6fad26f5221c55e473ae97dd7cb88c004c5980cb896eb22cac47e438b6b6e60923456f2fafb9583d2b3d68273a8421

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e222fe03041e05c2b0aff7067f313288

    SHA1

    5ebb699606610d576299fff3448caf3844672d74

    SHA256

    a972e570f905c038ad0df01e6c10bc2b57dd917feb583c86b665f73fb7d86949

    SHA512

    0b80955c8a12356d3cc1a57263ce6c59b9a385c62533086c27d62bce77444473e79c91bf1ac02067026ebf29e79883b6b5476f958f68a941422b16fd7bda55e9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a948944271b0c7dd8f11f0cc081d9ea8

    SHA1

    f9de478fbf73226e3375bfe1df92c27289e46cc9

    SHA256

    59e6c1a4132ddce2a5aa8c0dad44ae41cd0805ef0c81ccc16d0463380624576c

    SHA512

    365ab72d64f0ea5d47f43a8a0dc0628936491669f5b1c7940b8e2388c1fe348bdd8b7f7c509f692332a1f067f2bc71847938d87491b6c3cc28664887905756d6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    47e09ba21d22f0424c84acb3f641031f

    SHA1

    3cd9638ba884b1377c948dfc2be301cdb2f3246e

    SHA256

    e748f338052df4c4d6e82e475d37880fb45e96ab4e4905c4af8fd56f98410a00

    SHA512

    ee43092f8cfc48de656bf6635517912dd57ba40ebf32ba370977b2e31139351bcd5ec5234757ade7662a3e97845d8b58d4f845ee7962188c06bcbccf123e1113

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    42c48ddc93f8df853344fdc4f4b7df80

    SHA1

    47ae75483fdb54a0d876255b7b33d4859ed5b0d4

    SHA256

    b83db19f29090af8615319855541a6a178aa88a094af14f4bc5577d696069a90

    SHA512

    70a7a7e2fb6ffb7f778f9606fe379ccc661f323fb80e2235787c3fc5d62d6c66b5475330c4a7ce789363ffb6500c16c37e24a5f28f9e60bdb6e21c1df9f416da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e05611f859ad16302fedf3336d622123

    SHA1

    dac8f0fbe54be8e5d6deacc6e8c909cd8db06cea

    SHA256

    7e368878d4b152ec921f1cedb52f3b6e0b6a810c00f674732496995e2805c2d9

    SHA512

    e553f82a6a2fc175c220f46168a6ca0764574f5117403afe4daa61dae8138557ece83afd35e7643f445f7aeb522924fe453bd89cf9f8a85d3703d8a7985e54f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f10684b4cacd8f986fc15bc5cebd77ff

    SHA1

    9c4a010e046295c5f6522bdcbc3a1aec61c488e7

    SHA256

    ae6f68d5f14a0e5cf52505e9c5b90a9884067815e225313829cc41923bd766d2

    SHA512

    2084547123ba8caaeb126d2f1212374985f4d30480d4e98b99b60ac06a4093f5a4c01e2d401c3e3228acaa572db4f9653564348807a64e1437b9b34c25a43b07

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    c044b3bd393b239d1f490ea3ce6fc8c8

    SHA1

    304f63ad344d7fd4a678d69616dd258af3bac452

    SHA256

    f81ac9e05ddd47daa62af35a82f21ed72080c2471fb599a9a77deee399d6bd36

    SHA512

    5b75c0e91a6253b8f5321067f93ffde6861fdd636c244d16c8d6613d00bb205f18484a7cdad0e54df7e8a2db9f57553f9e578fc5677bb5d8181d73d4fed2b021

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF48F.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF490.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit